University of Tehran

Kish International Campus

Master Program in

Information Technology- Information Security

Introduction

The Master of Information Technology – Information Security program at the Kish campus of the University of Tehran is a graduate professional program that prepares students to work in the high-demand IT security industry.
To achieve the objectives of the program and to enhance students' learning experience, Kish campus provides an Information Security Lab that supports the curriculum. This lab facility hosts an array of network settings and consists of a variety of networks in a secure setting.

The curriculum also provides students with the opportunity to apply core course concepts to a substantial project in the workplace. This plan of study introduces students to the fundamental knowledge of the ever-changing IT security field.


 

Master Degree Curriculum in Information Technology- Information Security

Part A: Core Courses

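| Row | Course Name | Units | Hours | Practical (Hours) |
|---|---|---|---|---|
| 1 | Fundamentals of Information Systems Security | 3 | 48 | |
| 2 | Applied Cryptography | 3 | 48 | |
| 3 | Network Security | 3 | 48 | |
| 4 | Secure Computer Systems | 3 | 48 | |
| 5 | Database Security | 3 | 48 | |
| 6 | Security Protocols | 3 | 48 | |
| 7 | Seminar | 2 | 32 | |
| | Total | 20 | | |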

Part B: Elective Courses (2 Courses must be elected)

| Row | Course Name | Units | Hours | Practical (Hours) |
|---|---|---|---|---|
| 1 | Security Architecture, Design and Analysis | 3 | 48 | |
| 2 | Advanced Topics in Information Security | 3 | 48 | |
| 3 | E-Commerce Security | 3 | 48 | |
| 4 | Secure Communication Systems | 3 | 48 | |
| 5 | Secure System Management | 3 | 48 | |
| 6 | Formal Models and Information Security | 3 | 48 | |
| 7 | Information Hiding | 3 | 48 | |
| | Total | 6 | | |

Part C: Thesis

| Row | Course Name | Units | Hours | Lab (Hours) |
|---|---|---|---|---|
| 1 | Thesis | 6 | | |
| | Total | 6 | | |

 

Fundamentals of Information Systems Security

Course content:

The Need for Information Security, Information Systems Security, The Internet of Things Is Changing How We Live, Malicious Attacks, Threats, and Vulnerabilities, The Drivers of the Information Security Business, Access Controls, Security Operations and Administration, Auditing, Testing, and Monitoring, Risk, Response, and Recovery, Cryptography, Networks and Telecommunications, Malicious Code and Activity, Information Security Standards, Information Systems Security Education and Training, U.S. Compliance Laws

References

[1] D. Kim and M. G. Solomon, Fundamentals of Information Systems Security, Jones & Bartlett Learning, 2016.


Applied Cryptography

Course content:

Foundations, Protocol building blocks, Basic protocols, Intermediate protocols, Advanced protocols, Esoteric protocols, Key length, Key management, Algorithm types and modes, Using algorithms, Mathematical background, Data encryption standard, Other block ciphers, Still other block ciphers, Combining block ciphers, Pseudo-random-sequence generators and stream ciphers, Other stream ciphers and real random-sequence generators, One-way hash functions, Public-key algorithms, Public-key digital signature algorithms, Identification schemes, Key-exchange algorithms, Special algorithms for protocols, Politics

References

[1] B. Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, Wiley, 2017.


Network Security

Course content:

Computer Network Fundamentals, Computer Network Security Fundamentals, Security Threats and Threat Motives to Computer Networks, Introduction to Computer Network Vulnerabilities, Cyber Crimes and Hackers, Scripting and Security in Computer Networks and Web Browsers, Security Assessment, Analysis, and Assurance, Disaster Management, Access Control and Authorization, Authentication, Cryptography, Firewalls, System Intrusion Detection and Prevention, Computer and Network Forensics, Virus and Content Filtering, Standardization and Security Criteria: Security Evaluation of Computer Products, Computer Network Security Protocols, Security in Wireless Networks and Devices, Security in Sensor Networks, Virtualization Technology and Security, Cloud Computing Technology and Security, Mobile Systems and Corresponding Intractable Security Issues, Internet of Things (IoT): Growth, Challenges, and Security

References

[1] J. M. Kizza, Guide to Computer Network Security, Springer, 2017.


Secure Computer Systems

Course content:

Introduction to Computer Architecture and Security, Digital Logic Design, Computer Memory and Storage, Bus and Interconnection, I/O and Network Interface, Central Processing Unit, Advanced Computer Architecture, Assembly Language and Operating Systems, TCP/IP and Internet, Design and Implementation: Modifying Neumann Architecture

References

[1] S. . Wang and R. S. Ledley, Computer Architecture and Security, Wiley, 2013.


Database Security

Course content:

Recent Advances in Access Control, Access Control Models for XML, Access Control Policy Languages in XML, Database Issues in Trust Management and Trust Negotiation, Authenticated Index Structures for Outsourced Databases, Towards Secure Data Outsourcing, Managing and Querying Encrypted Data, Security in Data Warehouses and OLAP Systems, Security for Workflow Systems, Secure Semantic Web Services, Geospatial Database Security, Security Re-engineering for Databases: Concepts and Techniques, Database Watermarking for Copyright Protection, Database Watermarking: A Systematic View, Trustworthy Records Retention, Damage Quarantine and Recovery in Data Processing Systems, Hippocratic Databases: Current Capabilities and Future Trends, Privacy-Preserving Data Mining: A Survey, Privacy in Database Publishing: A Bayesian Perspective, Privacy Preserving Publication: Anonymization Frameworks and Principles, Privacy Protection through Anonymity in Location-based Services, Privacy-enhanced Location-based Access Control, Efficiently Enforcing the Security and Privacy Policies in a Mobile Environment

References

[1] M. Gertz and S. Jajodia, Handbook of Database Security: Applications and Trends, Springer, 2008.


Security Protocols

Course content:

Preliminaries, Operational Semantics, Security Properties, Verification, Multi-protocol Attacks, Generalizing NSL for Multi-party Authentication, Historical Background and Further Reading

References

[1] C. Cremers and S. Mauw, Operational Semantics and Verification of Security Protocols, Springer, 2012.


Security Architecture, Design and Analysis

Course content:

Network security foundations, Designing secure networks, Secure network designs

References

[1] S. Convery, Network Security Architectures, Cisco Press, 2004.


Advanced Topics in Information Security

Course Contents:

Critically evaluate some of the important past and current research that has been undertaken within the information systems discipline;

Demonstrate an appreciation of the diversity of research currently being undertaken within the information systems discipline;

Identify research articles in the information systems discipline that they might wish to use in their theses or research report;

Distinguish among research approaches in the information systems discipline and identify approaches that might be useful in subsequent work.

· A Bit of Theory

· Coordination in Standards Setting

· The Issue of Speed

· IPR Problems

· Applications

· The Economic Perspective

· After Standardization

References

[1] K. Jakobs, Advanced Topics in Information Technology Standards and Standardization Research Series, Idea Group, 2006.


E-Commerce Security

Course content:

Security Testing of an Online Banking Service, Software Security Analysis, New Security Issues in Mobile E-Commerce, Problems in Policing E-Commerce Crime, Strategies for Developing Policies and Requirements for Secure and Private Electronic Commerce, Protocols for Secure Remote Database Access with Approximate Matching, A New Approach to Reasoning about Accountability in Cryptographic Protocols for E-Commerce, Provisional Authorizations

References

[1] A. K. Ghosh, E-Commerce Security and Privacy, Kluwer Academic Publishers, 2001.


Secure Communication Systems

Course content:

Threats and Solutions, An Introduction to Encryption and Security Management, Voice Security in Military Applications, Telephone Security, Secure GSM systems, Security in Private VHF/UHF Radio Networks, Electronic Protection Measures - Frequency Hopping, Link and Bulk Encryption, Secure Fax Network, PC Security, Secure Email, Secure Virtual Private Networks, Military Data Communication, Management, Support and Training

References

[1] R. Sutton, Secure Communication: Applications and Management, Wiley, 2002.


Secure System Management

Course content:

Challenges in Managing Information Security in the New Millennium, Information Systems Security and the Need for Policy, New Millennium; New Technology; Same Old Right and Wrong, Ethical Elements of Security and Developments in Cyberspace that Should Promote Trust in Electronic Commerce, Cyber Terrorism and the Contemporary Corporation, Addressing Prescription Fraud in the British National Health Service: Technological and Social Considerations, The Irish Experience with Disaster Recovery Planning: High Levels of Awareness May Not Suffice, An Analysis of the Recent IS Security Development Approaches: Descriptive and Prescriptive Implications, Internet and E-Business Security, Assurance and Compliance Monitoring Support, Intelligent Software Agents: Security Issues of a New Technology, Principles for Managing Information Security in the New Millennium

References

[1] G. Dhillon, Information Security Management: Global Challenges in the New Millennium, Idea Group, 2001.


Formal Models and Information Security

Course content:

Running example, Messages and deduction, Equational theory and static equivalence, A cryptographic process calculus, Security properties, Automated verification: bounded case, Automated verification: unbounded case, Further readings and conclusion

References

[1] V. Cortier, Formal Models and Techniques for Analyzing Security Protocols, V. Cortier and S. Kremer, 2014.


Information Hiding

Course content:

Introduction to Information Hiding, Multimedia Steganography, Steganalysis, Network Steganography, Robust Watermarking, Watermarking Security, Fingerprinting, Fragile and Authentication Watermarks, Media Forensics, Watermarking in the Encrypted Domain

References

[1] S. Katzenbeisser and F. Petitcolas, Information Hiding, Artech House, 2016.